{"vulnerability": "CVE-2022-2651", "sightings": [{"uuid": "3b048037-6ff7-4143-b957-1c0a2ee83f34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26512", "type": "seen", "source": "https://t.me/cibsecurity/58377", "content": "\u203c CVE-2022-26512 \u203c\n\nUncontrolled search path element in the Intel(R) FPGA Add-on for Intel(R) oneAPI Base Toolkit before version 2022.2 may allow an authenticated user to potentially enable escalation of privilege via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-16T22:26:51.000000Z"}, {"uuid": "9bab3761-db07-43ec-ba6f-cf3ac3630aff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26513", "type": "seen", "source": "https://t.me/cibsecurity/52875", "content": "\u203c CVE-2022-26513 \u203c\n\nOut-of-bounds write in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-13T05:39:26.000000Z"}, {"uuid": "139058bc-5fbe-4a6b-a9b1-dc11f47c3b68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2651", "type": "seen", "source": "https://t.me/cibsecurity/47534", "content": "\u203c CVE-2022-2651 \u203c\n\nAuthentication Bypass by Primary Weakness in GitHub repository bookwyrm-social/bookwyrm prior to 0.4.5.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-04T12:19:23.000000Z"}, {"uuid": "d1bc6736-b9e9-44d2-962d-b6575a97998a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26518", "type": "seen", "source": "https://t.me/cibsecurity/42533", "content": "\u203c CVE-2022-26518 \u203c\n\nAn OS command injection vulnerability exists in the console infactory_net functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-12T20:42:22.000000Z"}, {"uuid": "3d8fce20-acad-4b37-97cd-33d5c7fcc867", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26510", "type": "seen", "source": "https://t.me/cibsecurity/42517", "content": "\u203c CVE-2022-26510 \u203c\n\nA firmware update vulnerability exists in the iburn firmware checks functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted HTTP request can lead to firmware update. An attacker can send a sequence of requests to trigger this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-12T20:42:03.000000Z"}, {"uuid": "f5ca1216-df4b-4422-8743-55beea7924db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26517", "type": "seen", "source": "https://t.me/cibsecurity/42012", "content": "\u203c CVE-2022-26517 \u203c\n\nOn F5 BIG-IP 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, and 13.1.x versions prior to 13.1.5, when the BIG-IP CGNAT Large Scale NAT (LSN) pool is configured on a virtual server and packet filtering is enabled, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-05T20:36:47.000000Z"}, {"uuid": "16972855-2cdb-426b-a3ac-ba7f1fc8aa47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26516", "type": "seen", "source": "https://t.me/cibsecurity/41179", "content": "\u203c CVE-2022-26516 \u203c\n\nAuthorized users may install a maliciously modified package file when updating the device via the web user interface. The user may inadvertently use a package file obtained from an unauthorized source or a file that was compromised between download and deployment.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-20T20:25:47.000000Z"}, {"uuid": "4d23fbaf-92c2-4c6a-a849-98f8d19dc9ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26519", "type": "seen", "source": "https://t.me/cibsecurity/41186", "content": "\u203c CVE-2022-26519 \u203c\n\nThere is no limit to the number of attempts to authenticate for the local configuration pages for the Hills ComNav Version 3002-19 interface, which allows local attackers to brute-force credentials.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-20T20:26:00.000000Z"}, {"uuid": "a4f84d69-64a3-4123-a37e-b6c6c54d291f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26514", "type": "seen", "source": "https://t.me/cibsecurity/39751", "content": "\u203c CVE-2022-26514 \u203c\n\nDelta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability that exists in DIAE_tagHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-29T20:11:22.000000Z"}, {"uuid": "a7c09a4d-a0cc-4d9e-a8ee-cc1ec2cce1af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26511", "type": "seen", "source": "https://t.me/cibsecurity/39164", "content": "\u203c CVE-2022-26511 \u203c\n\nWPS Presentation 11.8.0.5745 insecurely load d3dx9_41.dll when opening .pps files('current directory type' DLL loading).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-17T21:26:44.000000Z"}, {"uuid": "d4d638b4-60be-4bdd-a975-8575fffc084b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2651", "type": "exploited", "source": "https://www.exploit-db.com/exploits/51013", "content": "", "creation_timestamp": "2022-09-20T00:00:00.000000Z"}]}